Security NewsWatch

NSI Security NewsWatch Banner

A weekly roundup of news, trends and insights designed exclusively for security professionals. This publication is intended for security staff only.

View in Your Browser at https://nsi.org/Security_NewsWatch/NewsWatch/3.22.17.html

In this issue — March 29, 2017

  • The US’ Hidden Role in Chinese Weapons Research
  • iPad Bomb Plot Allegedly Led to Device Ban on Flights
  • London Terror Attack: UK Wants Encrypted WhatsApp Messages
  • Iran Denies Harassing US Warships in Gulf, Warns of Clashes
  • Chinese Pursuit of MoneyGram Raises Espionage Fears
  • General: Russia Waging Information Warfare
  • China Plumbs US Startups for Cutting-Edge Military Tech
  • Cyberwar: Defense Firms Face Battle to Guard Secrets
  • Breaking Down China’s Electronic Warfare Tactics
  • Feds Skeptical About Security of Their Agencies’ Internet-Connected Devices

 

The US’ Hidden Role in Chinese Weapons Research (SCMP, 3/29/17)

China’s efforts to lure its scientists back from overseas institutions have been paying off militarily, with more than a little help from the United States.  Military projects they have been involved in include China’s development of hypersonic weapons capable of penetrating missile-defense systems and the design of new submarines able to patrol quietly along the US’ west coast.

For more than a decade, China has been ramping up efforts to lure back talented scientists working at laboratories in the US linked to America’s nuclear weapons program and other military research, as well as those working for NASA and companies such as Lockheed Martin Space Systems and Boeing.  Many of the scientists returning to China have worked at Los Alamos National Laboratory, Lawrence Livermore National Laboratory, or the Air Force Research Laboratory at Wright-Patterson Air Force Base. More

iPad Bomb Plot Allegedly Led to Device Ban on Flights (Computerworld, 3/27/17)

A plot allegedly involving an iPad bomb was one of the factors that sparked US and UK restrictions on bringing electronic devices larger than a smartphone into the passenger cabin of flights traveling from the Middle East.  It’s unclear if the alleged bomb was inside an iPad knockoff or used an iPad shell, but the tablet filled with explosives was not in itself enough to trigger the electronic device ban.

A source said the US and UK bans were not the result of a single incident, but rather a combination of factors.  One of those factors was the discovery of a plot to bring down a plane with explosives hidden in a fake iPad that appeared as good as the real thing.  Other details of the plot, such as the date, the country involved, and the group behind it, remain secret. More

London Terror Attack: UK Wants Encrypted WhatsApp Messages (Fox News, 3/27/17)

The UK government wants WhatsApp to give security services access to encrypted messages in the aftermath of last week’s Westminster Bridge terror attack.  Officials, however, could face stiff challenges if they choose to apply UK surveillance legislation to the US-based firm.  Reports suggest Westminster Bridge attacker Khalid Masood used the WhatsApp messaging service just minutes before the rampage that left three pedestrians and one police officer dead and dozens more wounded.

UK Home Secretary Amber Rudd urged WhatsApp and other encrypted services to make their platforms accessible to intelligence services and police trying to carrying out lawful eavesdropping.  “We need to make sure that organizations like WhatsApp, and there are plenty of others like that, don’t provide a secret place for terrorists to communicate with each other,” she said.  Last year, the UK passed the Investigatory Powers Act, which aims to strengthen the country’s surveillance powers. More

Iran Denies Harassing US Warships in Gulf, Warns of Clashes (Reuters, 3/25/17)

Last week, Iran denied US accusations that its fast-attack boats were “harassing” warships at the mouth of the Gulf, and said Washington would be responsible for any clashes in the key oil shipping route.  US Navy commanders earlier accused Iran of jeopardizing international navigation by harassing warships passing through the Strait of Hormuz and said future incidents could and lead to an armed clash.

They spoke after the aircraft carrier George H.W. Bush confronted what one of the commanding officers described as two sets of Iranian Navy fast-attack boats that had approached a US-led, five-vessel flotilla as it entered the Strait on a journey from the Indian Ocean into the Gulf.  It was the first time a US carrier entered the narrow waterway since President Donald Trump took office in January. More

Chinese Pursuit of MoneyGram Raises Espionage Fears (S.D. Union-Tribune, 3/24/17)

The acquisition of financial giant MoneyGram by a company with close ties to the Beijing government might be scuttled by rising fears that Chinese spies would exploit the data of American troops and their families to track military movements and identify targets to turn.  The bidding war for Dallas-based MoneyGram pits China’s Zhejiang Ant Small and Micro Financial Services — called “Ant” — against Euronet Worldwide, a Kansas firm that’s American-owned.

On Jan. 27, Ant offered $880 million for MoneyGram.  Less than three months later, Euronet swept in with a $2 billion bid.  Ant operates in China like America’s PayPal system, but its subsidiaries include an online bank and a money-market fund.  It’s believed that about 15% of Ant is owned by the Communist government and the sovereign wealth fund it controls. More

******************************************************************************************

The Evolving NISP: Navigating The Road Ahead (NSI.org)

The National Industrial Security Program (NISP) is undergoing significant changes in several key areas that will dictate future requirements for the protection of classified and sensitive unclassified information. The Information Security Oversight Office (ISOO), which oversees the government-wide security classification system and the National Industrial Security Program, is at the forefront of these efforts.

As changes to industrial security policy advance, security practitioners can take a number of steps now to address changing requirements and stay ahead of coming reforms. Mark Bradley, Director, Information Security Oversight Office will present a timely analysis of the road ahead for the NISP at the upcoming NSI IMPACT ’17 Forum on April 24-26 at the Westfields Marriott in Chantilly, VA. This briefing will bring you up to speed on key areas of government security that will affect the way you do your job. Among the issues to be examined are: classification management; Controlled Unclassified Information (CUI); Insider Threat program requirements; security policy implementation; new reporting requirements; and more.

For more information, go to: https://www.nsi.org/impact-2017.html

******************************************************************************************

General: Russia Waging Information Warfare (DC Free Beacon, 3/24/17)

Russia is waging a malign information warfare campaign to undermine the United States and its allies, the general in charge of the European Command told Congress last week.  Army Gen. Curtis Scaparrotti, who is also NATO’s supreme allied commander, told a Senate hearing the US government needs a strategy and system to counter Russian information attacks.

In testimony before the Senate Armed Services Committee, Scaparrotti said the United States needs to respond to Russia’s deployment of a cruise missile that violates a 1987 treaty banning intermediate-range nuclear missiles. More

China Plumbs US Startups for Cutting-Edge Military Tech (Fiscal Times, 3/24/17)

China is investing billions in US startups with cutting-edge products that could have military applications at the same time it is dialing back investments in less critical American industries, such as entertainment.  Among the startups are companies working on artificial intelligence for military robots, rocket engines, ship sensors, and printers that could produce high-tech components such as computer screens for military jets.

Many of the firms making such investments are owned by companies controlled by the Chinese government or connected to its leaders.  One report says China poured $9.9 billion into new Silicon Valley firms in 2015 and made an additional $3.5 billion in tech investments in the first nine months of last year. More

Cyberwar: Defense Firms Face Battle to Guard Secrets (Dayton Daily News, 3/23/17)

Thousands of defense contractors face a Pentagon directive to boost cybersecurity defenses by the end of the year, but many likely won’t have all the safeguards in place.  “We don’t anticipate many companies being close to being compliant by the end of the year,” said Timothy Birt, Riverside Research information technology security administrator.

Hackers target secret data on weapon systems, classified research on leap-ahead technology, and personal information on top scientists and others with critical jobs.  “The interest in that personal data is to actually use it against employees of clear defense contractors to blackmail them or just coerce them into giving up information that they may not otherwise want to do,” Birt said. More

Breaking Down China’s Electronic Warfare Tactics (C4ISR, 3/22/17)

In the wake of Russia’s demonstrations of advanced electromagnetic spectrum and communications jamming capabilities, most recently displayed in their incursion into Ukraine, China also is upping its game in this space, demonstrating similar capabilities in the Pacific.  The U.S. Department of Defense, in an annual report to Congress on China’s military and security developments, assessed that the country is placing greater importance upon EW, on par with traditional domains of warfare such as air, ground, and maritime.

“The [People’s Liberation Army] sees EW as an important force multiplier, and would likely employ it in support of all combat arms and services during a conflict,” the report asserts.  “The PLA’s EW units have conducted jamming and anti-jamming operations, testing the military’s understanding of EW weapons, equipment, and performance.  This helped improve the military’s confidence in conducting …operations in simulated EW environments.” More

Feds Skeptical About Security of Their Agencies’ Internet-Connected Devices (NextGov, 3/22/17)

Nearly 90% of federal managers believe securing Internet of Things devices, such as sensors and smart technology, is essential to their agency’s mission, but just 40% are confident these devices are truly secure, a new survey found.  Major challenges prevent government from adequately securing the smart devices it relies on, respondents said, including inadequate funding and a procurement process unprepared for digital-age challenges.

About 40% of respondents cited each of those challenges, with 30% citing a shortage of technical expertise in their agencies and 19% citing a lack of support by top leadership. More

Keep Getting This Newsletter To ensure delivery to your inbox (not bulk or junk folders), please add NSI@nsi.org to your address book. TO SUBSCRIBE: If you were sent this by a colleague and wish to subscribe to NSI’s complementary Security NewsWatch e-newsletter, visit http://nsi.org/newsletter.html. TO UNSUBSCRIBE: This news service comes to you from the news team at the National Security Institute. If you do not wish to receive it in the future, please reply to this e-mail with the subject line “Un-subscribe.” Please feel free to share this e-mail with your colleagues and encourage them to sign up to get their own copy at http://nsi.org/newsletter.html

ADVERTISERS: For information about sponsoring this e-letter, contact sburns@nsi.org or call 508-533-9099.

National Security Institute 165 Main Street, Suite 215 Medway, MA 02053 Tel: 508-533-9099 Fax: 508-507-3631 Internet: http://nsi.org